Navigate

AU-9(6)

AU-9(6): Read-only Access

Authorize read-only access to audit information to [a subset of privileged users or roles with authorized read-only access to audit information is defined;].

Supplemental

Restricting privileged user or role authorizations to read-only helps to limit the potential damage to organizations that could be initiated by such users or roles, such as deleting audit records to cover up malicious activity.

CIA Levels
Confidentiality	unknown
Integrity	moderate
Availability	moderate

Overlays
DAF Baseline, Int-A, Int-B, Int-C

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to AU-9(6).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of AU-9(6).

Control	Description
No controls

Related CCIs

The CCIs below are tied to AU-9(6).

CCI	Definition
CCI-001897	Defines the subset of privileged users or roles who will be authorized read-only access to audit information.
CCI-001898	Authorize read-only access to audit information to an organization-defined subset of privileged users or roles.